package com.okcl.handler;

import com.okcl.dto.Result;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.authorization.AuthorizationDeniedException;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestControllerAdvice;

import javax.security.sasl.AuthenticationException;
import java.nio.file.AccessDeniedException;

@RestControllerAdvice
@Slf4j
public class SecurityExceptionHandler {

    @ExceptionHandler(AuthorizationDeniedException.class)
    public Result handleAuthorizationDeniedException(AuthorizationDeniedException e) {
        log.warn("权限认证失败: {}", e.getMessage());
        return Result.error("权限不足，无法访问该资源");
    }

    @ExceptionHandler(AccessDeniedException.class)
    public Result handleAccessDeniedException(AccessDeniedException e) {
        log.warn("访问被拒绝: {}", e.getMessage());
        return Result.error("权限不足，无法访问该资源");
    }

    @ExceptionHandler(AuthenticationException.class)
    public Result handleAuthenticationException(AuthenticationException e) {
        log.warn("认证失败: {}", e.getMessage());
        return Result.error("认证失败，请重新登录");
    }
}
